<?php

namespace App\Http\Middleware;

use Closure;

class CheckAdminLogin
{
    /**
     * Handle an incoming request.
     *
     * @param \Illuminate\Http\Request $request
     * @param \Closure $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        if (auth()->check()) {
            // 已登录则继续访问
            $info = session('admin_routes');
            if ($info !== true) {
                $nodes = array_merge(array_filter($info), config('rbac.allow_route'));
                $now   = $request->route()->getName();
                if (in_array($now, $nodes)) {
                    return $next($request);
                } else {
                    exit('禁止访问');
                }
            }
            return $next($request);
        }
        return redirect(route('admin.login'))->withErrors(['error' => '请先登录']);
    }
}
